qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/Compact-backdoors-(CVE-2021...

140 lines
4.9 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "Compact backdoors (CVE-2021-40859)",
"Description": "<p>Auerswald Compact series is an Ict solution from Auerswald, Germany.</p><p>Auerswald Compact series devices have backdoor vulnerabilities. These backdoors allow an attacker to have full administrative access to the device.</p>",
"Product": "Compact",
"Homepage": "https://apache.org/",
"DisclosureDate": "2021-12-26",
"Author": "1291904552@qq.com",
"FofaQuery": "body=\"auerswald\" || title=\"auerswald\"",
"GobyQuery": "body=\"auerswald\" || title=\"auerswald\"",
"Level": "2",
"Impact": "<p>Auerswald Compact series devices have backdoor vulnerabilities. These backdoors allow an attacker to have full administrative access to the device.</p>",
"Translation": {
"CN": {
"Name": "Compact 系列设备存在后门漏洞CVE-2021-40859",
"VulType": [
"其他"
],
"Tags": [
"其他"
],
"Description": "<p>Auerswald Compact 系列是德国Auerswald公司的一种 Ict 解决方案。</p><p>Auerswald Compact 系列存在后门漏洞,这些后门允许能够访问基于 Web 的管理应用程序的攻击者对设备进行完全管理访问。</p>",
"Impact": "<p>Auerswald Compact 系列存在后门漏洞,这些后门允许能够访问基于 Web 的管理应用程序的攻击者对设备进行完全管理访问。</p>",
"Product": "Compact",
"Recommendation": "<p>⼚商已发布了漏洞修复程序,请及时关注更新: <a href=\"https://www.auerswald.de/en/product/compact-5500r\">https://www.auerswald.de/en/product/compact-5500r</a></p><p>1、通过防⽕墙等安全设备设置访问策略设置⽩名单访问。</p><p>2、升级系统版本。</p>"
},
"EN": {
"Name": "Compact backdoors (CVE-2021-40859)",
"VulType": [
"other"
],
"Tags": [
"other"
],
"Description": "<p>Auerswald Compact series is an Ict solution from Auerswald, Germany.</p><p>Auerswald Compact series devices have backdoor vulnerabilities. These backdoors allow an attacker to have full administrative access to the device.</p>",
"Impact": "<p>Auerswald Compact series devices have backdoor vulnerabilities. These backdoors allow an attacker to have full administrative access to the device.</p>",
"Product": "Compact",
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"https://www.auerswald.de/en/product/compact-5500r\">https://www.auerswald.de/en/product/compact-5500r</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2.Upgrade the system version.</p>"
}
},
"References": [
"https://nvd.nist.gov/vuln/detail/CVE-2021-40859"
],
"HasExp": true,
"ExpParams": [],
"ExpTips": null,
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "/test.php",
"follow_redirect": true,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
},
{
"type": "item",
"variable": "$body",
"operation": "contains",
"value": "test",
"bz": ""
}
]
},
"SetVariable": []
}
],
"Tags": [
"其它"
],
"VulType": [
"其它"
],
"CVEIDs": [
"CVE-2021-40859"
],
"CVSSScore": "9.8",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": [
"Compact"
],
"System": null,
"Hardware": null
},
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"https://www.auerswald.de/en/product/compact-5500r\">https://www.auerswald.de/en/product/compact-5500r</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2. Upgrade the system version.</p>",
"CNNVD": [
"CNNVD-202112-390"
],
"CNVD": [
""
]
}
Reference in New Issue View Git Blame Copy Permalink